cb47cce074
- Organized 252 files across project - Root directory: 187 → 2 files (98.9% reduction) - Moved configuration guides to docs/04-configuration/ - Moved troubleshooting guides to docs/09-troubleshooting/ - Moved quick start guides to docs/01-getting-started/ - Moved reports to reports/ directory - Archived temporary files - Generated comprehensive reports and documentation - Created maintenance scripts and guides All files organized according to established standards.
4.7 KiB
4.7 KiB
Services Configuration Complete
Date: 2026-01-04
Status: ✅ All Services Configured and Running
Configuration Summary
All three supporting services have been installed, configured, and started:
| Service | VMID | IP | Port | Status | Service Status |
|---|---|---|---|---|---|
| Redis | 106 | 192.168.11.110 | 6379 | ✅ Running | systemd active |
| Web3Signer | 107 | 192.168.11.111 | 9000 | ✅ Running | systemd active |
| Vault | 108 | 192.168.11.112 | 8200 | ✅ Running | systemd active |
Service Details
Redis (VMID 106)
Configuration:
- ✅ Installed: redis-server
- ✅ Configured: bind to 192.168.11.110
- ✅ Protected mode: enabled
- ✅ Service: systemd (redis-server)
- ✅ Status: Running and responding to ping
Test:
redis-cli -h 192.168.11.110 ping
# Should return: PONG
Note: Password authentication can be added by setting REDIS_PASSWORD in .env and updating /etc/redis/redis.conf.
Web3Signer (VMID 107)
Configuration:
- ✅ Installed: Java 17 JRE, Web3Signer 23.10.0
- ✅ Location:
/opt/web3signer-23.10.0 - ✅ Config:
/opt/web3signer-23.10.0/web3signer.yml - ✅ Listen: 192.168.11.111:9000
- ✅ Service: systemd (web3signer)
- ✅ Status: Running
Config File: /opt/web3signer-23.10.0/web3signer.yml
server:
http-listen-port: 9000
http-listen-host: 192.168.11.111
data-path: /opt/web3signer/data
Test:
curl http://192.168.11.111:9000/upcheck
# Should return: OK
Next Steps:
- Configure signing keys (see Web3Signer documentation)
- Add keys to
/opt/web3signer/data/keystoreor configure key source - Restart service:
systemctl restart web3signer
Vault (VMID 108)
Configuration:
- ✅ Installed: Vault 1.15.0
- ✅ Location:
/usr/local/bin/vault - ✅ Mode: Development mode (for testing)
- ✅ Listen: 192.168.11.112:8200
- ✅ Root Token:
root(development only) - ✅ Service: systemd (vault)
- ✅ Status: Running
AppRole Configuration:
- ✅ AppRole auth method: enabled
- ✅ Role:
translator - ✅ Policy:
translator-policy(read access tosecret/data/chain138/translator) - ✅ Credentials: Generated (save to
.envfile)
Vault Credentials (save to .env):
VAULT_ADDR=http://192.168.11.112:8200
VAULT_ROLE_ID=<generated-role-id>
VAULT_SECRET_ID=<generated-secret-id>
Test:
curl http://192.168.11.112:8200/v1/sys/health
# Should return JSON with vault status
Production Setup: For production, configure Vault with:
- TLS certificates
- Proper storage backend
- Production initialization with unseal keys
- Secure root token management
Systemd Services
All services are managed by systemd and configured to start on boot:
Redis:
pct exec 106 -- systemctl status redis-server
Web3Signer:
pct exec 107 -- systemctl status web3signer
Vault:
pct exec 108 -- systemctl status vault
Connectivity Verification
All services are accessible from the network:
# Test Redis
redis-cli -h 192.168.11.110 ping
# Expected: PONG
# Test Web3Signer
curl http://192.168.11.111:9000/upcheck
# Expected: OK
# Test Vault
curl http://192.168.11.112:8200/v1/sys/health
# Expected: JSON response
Security Notes
- Redis: Currently no password (add
REDIS_PASSWORDfor production) - Web3Signer: No keys configured yet (add signing keys before use)
- Vault: Running in dev mode with root token (configure production mode)
- Network: Services are bound to specific IPs (192.168.11.110-112)
- Firewall: Ensure firewall rules allow access from translator VMIDs (2400-2402)
Next Steps
- ✅ Services installed and running
- ⏳ Configure Web3Signer signing keys
- ⏳ Update
.envfiles with Vault credentials - ⏳ Configure Vault secrets (if using Vault for config)
- ⏳ Deploy translator service to VMIDs 2400-2402
- ⏳ Configure translator
.envfiles with service IPs and credentials - ⏳ Test end-to-end functionality
Environment Variables
Update .env files on translator VMIDs (2400-2402) with:
# Supporting Services
WEB3SIGNER_URL=http://192.168.11.111:9000
REDIS_HOST=192.168.11.110
REDIS_PORT=6379
REDIS_PASSWORD= # Add if configured
VAULT_ADDR=http://192.168.11.112:8200
VAULT_ROLE_ID=<from-vault-output>
VAULT_SECRET_ID=<from-vault-output>
References
- Deployment Guide:
DEPLOYMENT.md - Deployment Complete:
DEPLOYMENT_COMPLETE.md - VMID Allocation:
VMID_ALLOCATION.md - Redis Docs: https://redis.io/docs/
- Web3Signer Docs: https://docs.web3signer.consensys.io/
- Vault Docs: https://developer.hashicorp.com/vault/docs